US20160330213A1 - Power Line Communication (PLC) Network Nodes Using Cipher Then Segment Security - Google Patents
Power Line Communication (PLC) Network Nodes Using Cipher Then Segment Security Download PDFInfo
- Publication number
- US20160330213A1 US20160330213A1 US15/216,291 US201615216291A US2016330213A1 US 20160330213 A1 US20160330213 A1 US 20160330213A1 US 201615216291 A US201615216291 A US 201615216291A US 2016330213 A1 US2016330213 A1 US 2016330213A1
- Authority
- US
- United States
- Prior art keywords
- plc
- segment identifier
- frame
- payload
- create
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/16—Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
- G06F15/177—Initialisation or configuration control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B3/00—Line transmission systems
- H04B3/54—Systems for transmission via power distribution lines
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B3/00—Line transmission systems
- H04B3/54—Systems for transmission via power distribution lines
- H04B3/542—Systems for transmission via power distribution lines the information being in digital form
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B2203/00—Indexing scheme relating to line transmission systems
- H04B2203/54—Aspects of powerline communications not already covered by H04B3/54 and its subgroups
- H04B2203/5404—Methods of transmitting or receiving signals via power distribution lines
- H04B2203/5408—Methods of transmitting or receiving signals via power distribution lines using protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/24—Key scheduling, i.e. generating round keys or sub-keys for block encryption
Definitions
- Power line communications include systems for communicating data over the same medium that is also used to transmit electric power to residences, buildings, and other premises, such as wires, power lines, or other conductors.
- PLC modulates communication signals over existing power lines. This enables devices to be networked without introducing any new wires or cables. This capability is extremely attractive across a diverse range of applications that can leverage greater intelligence and efficiency through networking.
- PLC applications include utility meters, home area networks, and appliance and lighting control.
- PLC is a generic term for any technology that uses power lines as a communications channel.
- Various PLC standardization efforts are currently in work around the world. The different standards focus on different performance factors and issues relating to particular applications and operating environments.
- Two of the most well-known PLC standards are G3 and PRIME.
- G3 has been approved by the International Telecommunication Union (ITU).
- IEEE is developing the IEEE P1901.2 standard that is based on G3.
- Each PLC standard has its own unique characteristics.
- the manner in which PLC systems are implemented depends upon local regulations, characteristics of local power grids, etc.
- the frequency band available for PLC users depends upon the location of the system.
- PLC bands are defined by the CENELEC (European Committee for Electrotechnical Standardization).
- the CENELEC-A band (3 kHz-95 kHz) is exclusively for energy providers.
- the CENELEC-E, C, D bands are open for end user applications, which may include PLC users.
- PLC systems operate between 35-90 kHz in the CENELEC A band using 35 tones spaced 13675 kHz apart.
- the FCC has conducted emissions requirements that start at 535 kHz and therefore the PLC systems have an FCC band defined from 154-487.5 kHz using 72 tones spaced at 4.6875 kHz apart.
- FCC band defined from 154-487.5 kHz using 72 tones spaced at 4.6875 kHz apart.
- different frequency bands are used, such as the Association of Radio Industries and Businesses (ARID)-defined hand in Japan, which operates at 10-450 kHz, and the Electric Power Research Institute (EPRI) defined bands in China, which operates at 3-90 kHz.
- ARID Association of Radio Industries and Businesses
- EPRI Electric Power Research Institute
- Segmentation is used for the transmission of large frames when the physical Maximum Transmission Unit (MTU) size in a system does not permit transfer of the entire frame.
- MTU Maximum Transmission Unit
- segmentation is performed at the MAC layer.
- the MAC layer on the transmitter side segments an incoming frame if it is larger than a particular size, At the receiver side, the MAC layer performs a reassembly procedure.
- the MAC layer is also responsible for performing encryption to provide security. Such encryption may be performed before or after segmentation. If encryption is performed before segmentation, then there is a potential security threat because the MAC header (MHR) is unencrypted. A receiver in this situation cannot determine a fake packet until the reassembly is completed. On the other hand, if encryption is performed after segmentation, it can lead to additional overhead due to presence of a message integrity check field (MIC) and the security padding that is necessary for encryption mechanisms typically used in PLC networks.
- MHR MAC header
- MIC message integrity check field
- systems and methods for transmitting encrypted packets in a power line communication (PLC) network are disclosed.
- PLC power line communication
- a PLC node or device generates frames to be transmitted to a destination node in the PLC network.
- a processor in the node is configured to generate a data payload comprising data to be sent to the destination node.
- the processor divides the data payload into two or more payload segments and encrypts the payload segments.
- the processor creates a frame for each of the encrypted payload segments, wherein each frame comprises a message integrity code.
- the processor creates a segment identifier for each frame using the message integrity code and an authentication key that is shared with the destination PLC node. The segment identifier is added to each frame.
- a transmitter in the node is configured to transmit the frames with segment identifiers to the destination PLC node.
- the segment identifier may be created using an MD5 algorithm.
- the authentication key and the message integrity code may be combined to create an input value.
- the MD5 algorithm generates an output value from the input value.
- the segment identifier may be created from the MD5 output value.
- the authentication key may be a 128-bit key
- the message integrity code may be a 16-bit cyclic redundancy check (CRC) value
- the first 16-bits of the output value may be used to create the segment identifier.
- the PLC node or device may also receive frames from other nodes in the PLC network.
- the PLC node includes a receiver configured to receive frames having a frame segment identifier, an encrypted payload segment, and a message integrity code.
- a processor in the node is configured to create a local segment identifier for each frame using the message integrity code and an authentication key shared with an originating PLC node. The node rejects the frame, if the local segment identifier does not matches the frame segment identifier.
- the processor extracts the encrypted payload segment for further processing, if the local segment identifier matches the frame segment identifier.
- the processor may combine the encrypted payload segment with one or more other encrypted payload segments to create a received payload.
- the received payload is then decrypted to create a decrypted payload.
- FIG. 1 is a diagram of a PLC system according to some embodiments.
- FIG. 2 is a block diagram of a PLC device or modem according to some embodiments.
- FIG. 3 is a block diagram of a PLC gateway according to some embodiments.
- FIG. 4 is a block diagram of a PLC data concentrator according to some embodiments.
- FIG. 5 is a schematic block diagram illustrating one embodiment of a system configured for point-to-point PLC.
- FIG. 6 is a block diagram of an integrated circuit according to some embodiments.
- FIG. 7 illustrates an example embodiment of a PLC network for a local utility PLC communications system.
- FIG. 8 illustrates the encryption and segmentation of a MAC payload that a transmitter intends to send to a receiver.
- FIG. 9 illustrates a malicious segment frame that has been transmitted in place of an original segment.
- FIG. 10 illustrates the use of a segment identifier according to one embodiment.
- FIG. 11 is a flowchart illustrating a process for transmitting segmented, encrypted frames with security identifiers.
- FIG. 1 illustrates a power line communication network according to some embodiments.
- Medium voltage (MV) power lines 103 from subnode 101 typically carry voltage in the tens of kilovolts range.
- Transformer 104 steps the MV power down to low voltage (LV) power on LV lines 105 , carrying voltage in the range of 100-240 VAC.
- Transformer 104 is typically designed to operate at very low frequencies in the range of 50-60 Hz.
- Transformer 104 does not typically allow high frequencies, such as signals greater than 100 KHz, to pass between LV lines 105 and MV lines 103 .
- LV lines 105 feed power to customers via meters or nodes 106 a - n, which are typically mounted on the outside of residences 102 a - n.
- premises 102 a - n may include any type of building, facility, electric vehicle charging node, or other location where electric power is received and/or consumed.
- a breaker panel such as panel 107 , provides an interface between meter 105 n and electrical wires 108 within residence 102 n. Electrical wires 108 deliver power to outlets 110 , switches 111 and other electric devices within residence 102 n.
- the power line topology illustrated in FIG. 1 may be used to deliver high-speed communications to residences 102 a - n.
- power line communications modems or gateways 112 a - n may be coupled to LV power lines 105 at meter 106 a - n.
- PLC modems/gateways 112 a - n may be used to transmit and receive data signals over MV/LV lines 103 / 105 .
- Such data signals may be used to support metering and power delivery applications (e.g., smart grid applications), communication systems, high speed Internet, telephony, video conferencing, and video delivery, to name a few.
- An illustrative method for transmitting data over power lines may use a carrier signal having a frequency different from that of the power signal.
- the carrier signal may be modulated by the data, for example, using an OFDM technology or the like described, for example, G3-PLC standard.
- PLC modems or gateways 112 a - n at residences 102 a - n use the MV/LV power grid to carry data signals to and from PLC data concentrator or router 114 without requiring additional wiring.
- Data concentrator or router 114 may be coupled to either MV line 103 or LV line 105 .
- Modems or gateways 112 a - n may support applications such as high-speed broadband Internet links, narrowband control applications, low bandwidth data collection applications, or the like. In a home environment, for example, modems or gateways 112 a - n may further enable home and building automation in heat and air conditioning, lighting, and security.
- PLC modems or gateways 112 a - n may enable AC or DC charging of electric vehicles and other appliances.
- An example of an AC or DC charger is illustrated as PLC device 113 .
- power line communication networks may provide street lighting control and remote power meter data collection.
- One or more PLC data concentrators or routers 114 may he coupled to control center 130 (e.g., a utility company) via network 120 .
- Network 120 may include, for example, an IP-based network, the Internet, a cellular network, a WiFi network, a WiMax network, or the like.
- control center 130 may be configured to collect power consumption and other types of relevant information from gateway(s) 112 and/or device(s) 113 through concentrator(s) 114 .
- control center 130 may be configured to implement smart grid policies and other regulatory or commercial rules by communicating such rules to each gateways) 112 and/or device(s) 113 through concentrators) 114 .
- FIG. 2 is a block diagram of PLC device 113 according to some embodiments.
- AC interface 201 may be coupled to electrical wires 108 a and 108 b inside of premises 112 n in a manner that allows PLC device 113 to switch the connection between wires 108 a and 108 b off using a switching circuit or the like.
- AC interface 201 may be connected to a single wire 108 (i.e., without breaking wire 108 into wires 108 a and 108 b ) and without providing such switching capabilities.
- AC interface 201 may allow PLC engine 202 to receive and transmit PLC signals over wires 108 a - b.
- PLC device 113 may be a PLC modern.
- PLC device 113 may be a part of a smart grid device (e.g., an AC or DC charger, a meter, etc.), an appliance, or a control module for other electrical elements located inside or outside of premises 112 n (e.g., street lighting, etc.).
- a smart grid device e.g., an AC or DC charger, a meter, etc.
- an appliance e.g., a control module for other electrical elements located inside or outside of premises 112 n (e.g., street lighting, etc.).
- PLC engine 202 may be configured to transmit and/or receive PLC signals over wires 108 a and/or 108 b via AC interface 201 using a particular frequency band.
- PLC engine 202 may be configured to transmit OFDM signals, although other types of modulation schemes may be used.
- PLC engine 202 may include or otherwise be configured to communicate with metrology or monitoring circuits (not shown) that are in turn configured to measure power consumption characteristics of certain devices or appliances via wires 108 , 108 a, and/or 108 b.
- PLC engine 202 may receive such power consumption information, encode it as one or more PLC signals, and transmit it over wires 108 , 108 a, and/or 108 b to higher-level PLC devices (e.g., PLC gateways 112 n, data aggregators 114 , etc.) for further processing. Conversely, PLC engine 202 may receive instructions and/or other information from such higher-level PLC devices encoded in PLC signals, for example, to allow PLC engine 202 to select a particular frequency band in which to operate.
- higher-level PLC devices e.g., PLC gateways 112 n, data aggregators 114 , etc.
- FIG. 3 is a block diagram of PLC gateway 112 according to some embodiments.
- gateway engine 301 is coupled to meter interface 302 , local communication interface 304 , and frequency band usage database 304 .
- Meter interface 302 is coupled to meter 106
- local communication interface 304 is coupled to one or more of a variety of PLC devices such as, for example, PLC device 113 .
- Local communication interface 304 may provide a variety of communication protocols such as, for example, ZigBee, Bluetooth, Wi-Fi, Wi-Max, Ethernet, etc., which may enable gateway 112 to communicate with a wide variety of different devices and appliances.
- gateway engine 301 may be configured to collect communications from PLC device 113 and/or other devices, as well as meter 106 , and serve as an interface between these various devices and PLC data concentrator 114 . Gateway engine 301 may also be configured to allocate frequency hands to specific devices and/or to provide information to such devices that enable them to self-assign their own operating frequencies.
- PLC gateway 112 may be disposed within or near premises 102 n and serve as a gateway to all PLC communications to and/or from premises 102 n. In other embodiments, however, PLC gateway 112 may be absent and PLC devices 113 (as well as meter 106 n and/or other appliances) may communicate directly with PLC data concentrator 114 . When PLC gateway 112 is present, it may include database 304 with records of frequency bands currently used, for example, by various PLC devices 113 within premises 102 n. An example of such a record may include, for instance, device identification information (e.g., serial number, device ID, etc), application profile, device class, and/or currently allocated frequency band. As such, gateway engine 301 may use database 305 in assigning, allocating, or otherwise managing frequency bands assigned to its various PLC devices.
- device identification information e.g., serial number, device ID, etc
- FIG. 4 is a block diagram of PLC data concentrator or router 114 according to some embodiments.
- Gateway interface 401 is coupled to data concentrator engine 402 and may be configured to communicate with one or more PLC gateways 112 a - n.
- Network interface 403 is also coupled to data concentrator engine 402 and may be configured to communicate with network 120 .
- data concentrator engine 402 may be used to collect information and data from multiple gateways 112 a - n before forwarding the data to control center 130 .
- gateway interface 401 may be replaced with a meter and/or device interface (now shown) configured to communicate directly with meters 116 a - n, PLC devices 113 , and/or other appliances.
- frequency usage database 404 may be configured to store records similar to those described above with respect to database 304 .
- FIG. 5 is a schematic block diagram illustrating one embodiment of a system 500 configured for point-to-point PLC.
- the system 500 may include a PLC transmitter 501 and a PLC receiver 502 .
- a PLC gateway 112 may be configured as the PLC transmitter 501 and a PLC device 113 may be configured as the PLC receiver 502 .
- the PLC device 113 may be configured as the PLC transmitter 501 and the PLC gateway 112 may be configured as the PLC receiver 502 .
- the data concentrator 114 may be configured as either the PLC transmitter 501 or the PLC receiver 502 and configured in combination with a PLC gateway 112 or a PLC device 113 in a point-to-point system 500 .
- a plurality of PLC devices 113 may be configured to communicate directly in a point-to-point PLC system 500 as described in FIG. 5 .
- the subnode 101 may be configured in a point-to-point system 500 as described above.
- suitable configurations for the point-to-point PLC system 500 described in FIG. 5 will recognize a variety of suitable configurations for the point-to-point PLC system 500 described in FIG. 5 .
- FIG. 6 is a block diagram of a circuit for implementing the transmission of multiple beacon frames using different modulation techniques on each tone mask in a PLC network according to some embodiments.
- processor 602 may be a digital signal processor (DSP), an application specific integrated circuit (ASIC), a system-on-chip (SoC) circuit, a field-programmable gate array (FPGA), a microprocessor, a microcontroller, or the like.
- DSP digital signal processor
- ASIC application specific integrated circuit
- SoC system-on-chip
- FPGA field-programmable gate array
- Processor 602 is coupled to one or more peripherals 604 and external memory 603 .
- external memory 603 may be used to store and/or maintain databases 304 and/or 404 shown in FIGS. 3 and 4 .
- processor 602 may include a driver for communicating signals to external memory 603 and another driver for communicating signals to peripherals 604 .
- Power supply 601 provides supply voltages to processor 602 as well as one or more supply voltages to memory 603 and/or peripherals 604 .
- more than one instance of processor 602 may be included (and more than one external memory 603 may be included as well).
- Peripherals 604 may include any desired circuitry, depending on the type of PLC system.
- peripherals 604 may implement local communication interface 303 and include devices for various types of wireless communication, such as Wi-Fi, ZigBee, Bluetooth, cellular, global positioning system, etc.
- Peripherals 604 may also include additional storage, including RAM storage, solid-state storage, or disk storage.
- peripherals 604 may include user interface devices such as a display screen, including touch display screens or multi-touch display screens, keyboard or other input devices, microphones, speakers, etc.
- External memory 603 may include any type of memory.
- external memory 603 may include SRAM, nonvolatile RAM (NVRAM, such as “flash” memory), and/or dynamic RAM (DRAM) such as synchronous DRAM (SDRAM), double data rate (DDR, DDR2, DDR3, etc) SDRAM, DRAM, etc
- DRAM dynamic RAM
- SDRAM synchronous DRAM
- DDR double data rate SDRAM
- DRAM double data rate SDRAM
- DRAM double data rate SDRAM
- DRAM double data rate SDRAM
- DRAM double data rate SDRAM
- DRAM dynamic RAM
- External memory 603 may include one or more memory modules to which the memory devices are mounted, such as single inline memory modules (SIMMs), dual inline memory modules (DIMMs), etc.
- SIMMs single inline memory modules
- DIMMs dual inline memory modules
- FIG. 7 illustrates an example embodiment of a PLC network 700 for a local utility PLC communications system
- Network 700 includes LV nodes 702 a - n and each of the nodes 702 a - n is connected to MV power line 720 through a corresponding transformer 710 a - n and LV line 706 a - n.
- Router, or modem, 714 is also connected to MV power line 720 .
- a sub-network 728 , or neighborhood 728 may be represented by the combination of nodes 702 a - n and router 714 .
- Master router 712 and router 716 are also connected to MV line 720 , which is powered by power grid 722 .
- Power grid 722 represents the high voltage power distribution system.
- Master router 712 may be the gateway to telecommunications backbone 724 and local utility, or control center, 726 . Master router 712 may transmit data collected by the routers to the local utility 726 and may also broadcast commands from local utility 726 to the rest of the network. The commands from local utility 726 may require data collection at prescribed times, changes to communication protocols, and other software or communication updates.
- the nodes 702 a - n in neighborhood 728 may transmit usage and load information (“data”) through their respective transformer 710 a - n to the MV router 714 .
- router 714 forwards this data to master router 712 , which sends the data to the utility company 726 over the telecommunications backbone 724 .
- requests for data uploading or commands to perform other tasks are transmitted.
- an unencrypted MHR is added to the encrypted payload. This can lead to potential security issues because a malicious node may capture the MHR and inject a malicious or “fake” segment. A receiver will not be able to detect that a malicious or fake segment was received until the receiver has reassembled and decrypted the encrypted payloads.
- FIG. 8 illustrates the encryption and segmentation of a MAC payload that a transmitter intends to send to a receiver.
- MAC Payload 801 is encrypted by the transmitter to create Encrypted MAC Payload 802 , which is then segmented into three Encrypted MAC Payload segments 803 .
- MHR 804 and CRC 805 are added to each segment 803 to create frames 806 .
- the transmitter then sends the three frames 806 to the receiver.
- a malicious device could be listening to segments 806 and could potentially send a malicious segment 901 in place of original second segment 806 - 2 .
- This malicious frame 901 is possible because MHR 806 - 2 is unencrypted.
- the malicious device can recreate the correct MHR 806 - 2 and insert malicious or “fake” data as payload 902 .
- CRC 903 is appended to the malicious frame, which is then sent to the receiver.
- the intended receiver will not be able to detect malicious payload 902 and will continue with the reassembly procedure using payloads 803 - 1 , 902 , and 803 - 3 .
- the receiver After reassembly of the segments, the receiver starts the decryption process and only then will detect that the frame is corrupted. However, even when the receiver detects the corrupted frame, it will not know which segment(s) contained the errors. The problem is of serious concern to the system because the transmitter will not know that the event has occurred, but would instead consider that all segments were transmitted successfully.
- the cause of this security threat is the fact that the receiver is unable to detect a malicious segment without performing a decryption process.
- the systems and methods proposed herein introduce a segment identifier into every segment.
- the segment identifier field may be, for example, an asymmetric function of an authentication key and the CRC of the frame.
- the segment identifier may have a smaller size than the CRC or message integrity code (MIC).
- MIC message integrity code
- the segment identifier size is two bytes.
- a malicious transmitter Given that the authentication key is known only to trusted nodes and the CRC is unique per frame, a malicious transmitter will not be able to recreate the same segment identifier. Even, if the malicious transmitter knows the algorithm used to create the segment identifier, it will not know the authentication key that is needed to create the segment identifier.
- the algorithm used to generate the segment identifier should be asymmetric such that the authentication key cannot be obtained using just the CRC and the segment identifier.
- a receiver Upon receiving a segment, a receiver will compute a local segment value using the authentication key and the segment CRC. The receiver compares the local segment value to the segment identifier in each segment and will drop any segments with a segment identifier that does not. match the locally computed value.
- this variation helps to prevent replay attacks by a malicious transmitter. Also, although the segment identifier is sent unencrypted, a malicious transmitter will not be able to create malicious frames, because the CRC of the malicious payload cannot be made to match the CRC used to create the segment identifier and because it will not have the Key used to create the segment identifier.
- FIG. 10 illustrates the use of a segment identifier according to one embodiment.
- Frame 1000 is generated by a transmitter and comprises header 1001 , segment identifier 1002 , encrypted payload 1003 , and CRC 1004 .
- Header 1001 includes, for example, routing information from the transmitter to an intended receiver.
- Encrypted payload is a segment of data being sent from the transmitter to the receiver that has been extracted from a larger data frame and encrypted
- CRC 1004 is a message integrity check for the header 1001 and payload 1003 .
- the transmitter uses the CRC 1004 and an authentication key known to the transmitter and intended receiver, the transmitter generates segment identifier 1002 using an algorithm also known to the transmitter and intended receiver.
- the frame 1000 is then sent to the intended receiver.
- the mechanism used to create the segment identifier is the MD5 message-digest algorithm as defined in RFC 1321 .
- the input to the MD5 algorithm is a 128-bit authentication key concatenated with a 16-bit CRC.
- the MD5 algorithm generates a 128 bit output.
- the first 16 bytes of the 128 bit MD5 output may be used as the segment identifier.
- any other algorithm may be used to generate a segment identifier using an authentication key and frame information (e.g., the CRC). All or part of the CRC (e.g., 16 bits or some other portion of the CRC) may be used to generate the segment identifier.
- the segment identifier may have any appropriate length, such as 16 bits or another number of bits.
- FIG. 11 is a flowchart illustrating a process for transmitting segmented, encrypted frames with security identifiers.
- a data payload is divided into a plurality of separate segments by a transmitter. The number of segments may be selected based upon a maximum frame size or a maximum payload size, for example.
- the payload segments are encrypted by the transmitter using an encryption algorithm known to the transmitter and an intended receiver.
- frames are created for each of the encrypted payload segments.
- the frames include header and a MIC, such as a 16-bit CRC.
- a segment identifier is created for each segment using the MIC and an authentication key shared with the intended receiver.
- a 128 bit authentication key is used along with the CRC to generate the segment identifier using the MD5 algorithm.
- the segment identifier is added to each segment frame. The frames are then transmitted to the intended receiver in step 1106 .
- the receiver extracts the MIC (e.g., CRC) from the received segment frame and uses it along with the authentication key to generate a local segment identifier value.
- the local segment identifier value is compared to the unencrypted segment identifier of the received frame.
- the receiver determines whether the segment identifiers match. If the segment identifier value calculated by the receiver in step 107 matches the segment identifier extracted from the received frame, then the encrypted payload of the received frame is reassembled with other encrypted payload segments and then decrypted in step 1110 . Otherwise, if the segment identifiers do not match, then the received frame is rejected in step 1111 .
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Power Engineering (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Cable Transmission Systems, Equalization Of Radio And Reduction Of Echo (AREA)
Abstract
Embodiments of the invention provide systems and methods for a cipher then segment approach in a Power Line Communication (PLC). A node or device generates frames to be transmitted to a destination node in the PLC network. A processor in the node is configured to generate a data payload comprising data to be sent to the destination node. The processor divides the data payload into two or more payload segments and encrypts the payload segments. The processor creates a frame for each of the encrypted payload segments, wherein each frame comprises a message integrity code. The processor creates a segment identifier for each frame using the message integrity code and an authentication key that is shared with the destination PLC node. The segment identifier is added to each frame.
Description
- This application is a Divisional of and claims priority to U.S. patent application Ser. No. 14/826,342, filed on Aug. 14, 2015, which is a Continuation of and claims the benefit of U.S. patent application Ser. No. 14/045,960, filed Oct. 4, 2013, now U.S. Pat. No. 9,143,327, grant date Sep. 22, 2015.
- Power line communications (PLC) include systems for communicating data over the same medium that is also used to transmit electric power to residences, buildings, and other premises, such as wires, power lines, or other conductors. In its simplest terms, PLC modulates communication signals over existing power lines. This enables devices to be networked without introducing any new wires or cables. This capability is extremely attractive across a diverse range of applications that can leverage greater intelligence and efficiency through networking. PLC applications include utility meters, home area networks, and appliance and lighting control.
- PLC is a generic term for any technology that uses power lines as a communications channel. Various PLC standardization efforts are currently in work around the world. The different standards focus on different performance factors and issues relating to particular applications and operating environments. Two of the most well-known PLC standards are G3 and PRIME. G3 has been approved by the International Telecommunication Union (ITU). IEEE is developing the IEEE P1901.2 standard that is based on G3. Each PLC standard has its own unique characteristics.
- The manner in which PLC systems are implemented depends upon local regulations, characteristics of local power grids, etc. The frequency band available for PLC users depends upon the location of the system. In Europe, PLC bands are defined by the CENELEC (European Committee for Electrotechnical Standardization). The CENELEC-A band (3 kHz-95 kHz) is exclusively for energy providers. The CENELEC-E, C, D bands are open for end user applications, which may include PLC users. Typically, PLC systems operate between 35-90 kHz in the CENELEC A band using 35 tones spaced 13675 kHz apart. In the United States, the FCC has conducted emissions requirements that start at 535 kHz and therefore the PLC systems have an FCC band defined from 154-487.5 kHz using 72 tones spaced at 4.6875 kHz apart. In other parts of the world different frequency bands are used, such as the Association of Radio Industries and Businesses (ARID)-defined hand in Japan, which operates at 10-450 kHz, and the Electric Power Research Institute (EPRI) defined bands in China, which operates at 3-90 kHz.
- Segmentation is used for the transmission of large frames when the physical Maximum Transmission Unit (MTU) size in a system does not permit transfer of the entire frame. In some standards, such as IEEE P1901.2 and G3, segmentation is performed at the MAC layer. The MAC layer on the transmitter side segments an incoming frame if it is larger than a particular size, At the receiver side, the MAC layer performs a reassembly procedure.
- The MAC layer is also responsible for performing encryption to provide security. Such encryption may be performed before or after segmentation. If encryption is performed before segmentation, then there is a potential security threat because the MAC header (MHR) is unencrypted. A receiver in this situation cannot determine a fake packet until the reassembly is completed. On the other hand, if encryption is performed after segmentation, it can lead to additional overhead due to presence of a message integrity check field (MIC) and the security padding that is necessary for encryption mechanisms typically used in PLC networks.
- In one embodiment, systems and methods for transmitting encrypted packets in a power line communication (PLC) network are disclosed.
- A PLC node or device generates frames to be transmitted to a destination node in the PLC network. A processor in the node is configured to generate a data payload comprising data to be sent to the destination node. The processor divides the data payload into two or more payload segments and encrypts the payload segments. The processor creates a frame for each of the encrypted payload segments, wherein each frame comprises a message integrity code. The processor creates a segment identifier for each frame using the message integrity code and an authentication key that is shared with the destination PLC node. The segment identifier is added to each frame.
- A transmitter in the node is configured to transmit the frames with segment identifiers to the destination PLC node. The segment identifier may be created using an MD5 algorithm. The authentication key and the message integrity code may be combined to create an input value. The MD5 algorithm generates an output value from the input value. The segment identifier may be created from the MD5 output value.
- In one embodiment, the authentication key may be a 128-bit key, the message integrity code may be a 16-bit cyclic redundancy check (CRC) value, and the first 16-bits of the output value may be used to create the segment identifier.
- The PLC node or device may also receive frames from other nodes in the PLC network. The PLC node includes a receiver configured to receive frames having a frame segment identifier, an encrypted payload segment, and a message integrity code. A processor in the node is configured to create a local segment identifier for each frame using the message integrity code and an authentication key shared with an originating PLC node. The node rejects the frame, if the local segment identifier does not matches the frame segment identifier.
- The processor extracts the encrypted payload segment for further processing, if the local segment identifier matches the frame segment identifier. The processor may combine the encrypted payload segment with one or more other encrypted payload segments to create a received payload. The received payload is then decrypted to create a decrypted payload.
- Having thus described the invention in general terms, reference will now be made to the accompanying drawings, wherein;
-
FIG. 1 is a diagram of a PLC system according to some embodiments. -
FIG. 2 is a block diagram of a PLC device or modem according to some embodiments. -
FIG. 3 is a block diagram of a PLC gateway according to some embodiments. -
FIG. 4 is a block diagram of a PLC data concentrator according to some embodiments. -
FIG. 5 is a schematic block diagram illustrating one embodiment of a system configured for point-to-point PLC. -
FIG. 6 is a block diagram of an integrated circuit according to some embodiments. -
FIG. 7 illustrates an example embodiment of a PLC network for a local utility PLC communications system. -
FIG. 8 illustrates the encryption and segmentation of a MAC payload that a transmitter intends to send to a receiver. -
FIG. 9 illustrates a malicious segment frame that has been transmitted in place of an original segment. -
FIG. 10 illustrates the use of a segment identifier according to one embodiment. -
FIG. 11 is a flowchart illustrating a process for transmitting segmented, encrypted frames with security identifiers. - The invention now will be described more fully hereinafter with reference to the accompanying drawings. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. One skilled in the art may be able to use the various embodiments of the invention.
-
FIG. 1 illustrates a power line communication network according to some embodiments. Medium voltage (MV)power lines 103 fromsubnode 101 typically carry voltage in the tens of kilovolts range.Transformer 104 steps the MV power down to low voltage (LV) power onLV lines 105, carrying voltage in the range of 100-240 VAC.Transformer 104 is typically designed to operate at very low frequencies in the range of 50-60 Hz.Transformer 104 does not typically allow high frequencies, such as signals greater than 100 KHz, to pass betweenLV lines 105 andMV lines 103.LV lines 105 feed power to customers via meters ornodes 106 a-n, which are typically mounted on the outside of residences 102 a-n. Although referred to as “residences,” premises 102 a-n may include any type of building, facility, electric vehicle charging node, or other location where electric power is received and/or consumed. A breaker panel, such aspanel 107, provides an interface between meter 105 n andelectrical wires 108 withinresidence 102 n.Electrical wires 108 deliver power tooutlets 110,switches 111 and other electric devices withinresidence 102 n. - The power line topology illustrated in
FIG. 1 may be used to deliver high-speed communications to residences 102 a-n. In some implementations, power line communications modems orgateways 112 a-n may be coupled toLV power lines 105 atmeter 106 a-n. PLC modems/gateways 112 a-n may be used to transmit and receive data signals over MV/LV lines 103/105. Such data signals may be used to support metering and power delivery applications (e.g., smart grid applications), communication systems, high speed Internet, telephony, video conferencing, and video delivery, to name a few. By transporting telecommunications and/or data signals over a power transmission network, there is no need to install new cabling to each subscriber 102 a-n. Thus, by using existing electricity distribution systems to carry data signals, significant cost savings are possible. - An illustrative method for transmitting data over power lines may use a carrier signal having a frequency different from that of the power signal. The carrier signal may be modulated by the data, for example, using an OFDM technology or the like described, for example, G3-PLC standard.
- PLC modems or
gateways 112 a-n at residences 102 a-n use the MV/LV power grid to carry data signals to and from PLC data concentrator orrouter 114 without requiring additional wiring. Data concentrator orrouter 114 may be coupled to eitherMV line 103 orLV line 105. Modems orgateways 112 a-n may support applications such as high-speed broadband Internet links, narrowband control applications, low bandwidth data collection applications, or the like. In a home environment, for example, modems orgateways 112 a-n may further enable home and building automation in heat and air conditioning, lighting, and security. Also, PLC modems orgateways 112 a-n may enable AC or DC charging of electric vehicles and other appliances, An example of an AC or DC charger is illustrated asPLC device 113. Outside the premises, power line communication networks may provide street lighting control and remote power meter data collection. - One or more PLC data concentrators or
routers 114 may he coupled to control center 130 (e.g., a utility company) vianetwork 120.Network 120 may include, for example, an IP-based network, the Internet, a cellular network, a WiFi network, a WiMax network, or the like. As such,control center 130 may be configured to collect power consumption and other types of relevant information from gateway(s) 112 and/or device(s) 113 through concentrator(s) 114. Additionally or alternatively,control center 130 may be configured to implement smart grid policies and other regulatory or commercial rules by communicating such rules to each gateways) 112 and/or device(s) 113 through concentrators) 114. -
FIG. 2 is a block diagram ofPLC device 113 according to some embodiments. As illustrated,AC interface 201 may be coupled toelectrical wires premises 112 n in a manner that allowsPLC device 113 to switch the connection betweenwires AC interface 201 may be connected to a single wire 108 (i.e., without breakingwire 108 intowires AC interface 201 may allowPLC engine 202 to receive and transmit PLC signals overwires 108 a-b. In some cases,PLC device 113 may be a PLC modern. Additionally or alternatively,PLC device 113 may be a part of a smart grid device (e.g., an AC or DC charger, a meter, etc.), an appliance, or a control module for other electrical elements located inside or outside ofpremises 112 n (e.g., street lighting, etc.). -
PLC engine 202 may be configured to transmit and/or receive PLC signals overwires 108 a and/or 108 b viaAC interface 201 using a particular frequency band. In some embodiments,PLC engine 202 may be configured to transmit OFDM signals, although other types of modulation schemes may be used. As such,PLC engine 202 may include or otherwise be configured to communicate with metrology or monitoring circuits (not shown) that are in turn configured to measure power consumption characteristics of certain devices or appliances viawires PLC engine 202 may receive such power consumption information, encode it as one or more PLC signals, and transmit it overwires PLC gateways 112 n,data aggregators 114, etc.) for further processing. Conversely,PLC engine 202 may receive instructions and/or other information from such higher-level PLC devices encoded in PLC signals, for example, to allowPLC engine 202 to select a particular frequency band in which to operate. -
FIG. 3 is a block diagram ofPLC gateway 112 according to some embodiments. As illustrated in this example,gateway engine 301 is coupled tometer interface 302,local communication interface 304, and frequencyband usage database 304.Meter interface 302 is coupled tometer 106, andlocal communication interface 304 is coupled to one or more of a variety of PLC devices such as, for example,PLC device 113.Local communication interface 304 may provide a variety of communication protocols such as, for example, ZigBee, Bluetooth, Wi-Fi, Wi-Max, Ethernet, etc., which may enablegateway 112 to communicate with a wide variety of different devices and appliances. In operation,gateway engine 301 may be configured to collect communications fromPLC device 113 and/or other devices, as well asmeter 106, and serve as an interface between these various devices and PLC data concentrator 114.Gateway engine 301 may also be configured to allocate frequency hands to specific devices and/or to provide information to such devices that enable them to self-assign their own operating frequencies. - In some embodiments,
PLC gateway 112 may be disposed within or nearpremises 102 n and serve as a gateway to all PLC communications to and/or frompremises 102 n. In other embodiments, however,PLC gateway 112 may be absent and PLC devices 113 (as well asmeter 106 n and/or other appliances) may communicate directly with PLC data concentrator 114. WhenPLC gateway 112 is present, it may includedatabase 304 with records of frequency bands currently used, for example, byvarious PLC devices 113 withinpremises 102 n. An example of such a record may include, for instance, device identification information (e.g., serial number, device ID, etc), application profile, device class, and/or currently allocated frequency band. As such,gateway engine 301 may usedatabase 305 in assigning, allocating, or otherwise managing frequency bands assigned to its various PLC devices. -
FIG. 4 is a block diagram of PLC data concentrator orrouter 114 according to some embodiments.Gateway interface 401 is coupled todata concentrator engine 402 and may be configured to communicate with one ormore PLC gateways 112 a-n.Network interface 403 is also coupled todata concentrator engine 402 and may be configured to communicate withnetwork 120. In operation,data concentrator engine 402 may be used to collect information and data frommultiple gateways 112 a-n before forwarding the data to controlcenter 130. In cases wherePLC gateways 112 a-n are absent,gateway interface 401 may be replaced with a meter and/or device interface (now shown) configured to communicate directly with meters 116 a-n,PLC devices 113, and/or other appliances. Further, ifPLC gateways 112 a-n are absent,frequency usage database 404 may be configured to store records similar to those described above with respect todatabase 304. -
FIG. 5 is a schematic block diagram illustrating one embodiment of asystem 500 configured for point-to-point PLC. Thesystem 500 may include aPLC transmitter 501 and aPLC receiver 502. For example, aPLC gateway 112 may be configured as thePLC transmitter 501 and aPLC device 113 may be configured as thePLC receiver 502. Alternatively, thePLC device 113 may be configured as thePLC transmitter 501 and thePLC gateway 112 may be configured as thePLC receiver 502. In still a further embodiment, the data concentrator 114 may be configured as either thePLC transmitter 501 or thePLC receiver 502 and configured in combination with aPLC gateway 112 or aPLC device 113 in a point-to-point system 500. In still a further embodiment, a plurality ofPLC devices 113 may be configured to communicate directly in a point-to-point PLC system 500 as described inFIG. 5 . Additionally, thesubnode 101 may be configured in a point-to-point system 500 as described above. On of ordinary skill in the art will recognize a variety of suitable configurations for the point-to-point PLC system 500 described inFIG. 5 . -
FIG. 6 is a block diagram of a circuit for implementing the transmission of multiple beacon frames using different modulation techniques on each tone mask in a PLC network according to some embodiments. In some cases, one or more of the devices and/or apparatuses shown inFIGS. 1-5 may be implemented as shown inFIG. 6 . In some embodiments,processor 602 may be a digital signal processor (DSP), an application specific integrated circuit (ASIC), a system-on-chip (SoC) circuit, a field-programmable gate array (FPGA), a microprocessor, a microcontroller, or the like.Processor 602 is coupled to one ormore peripherals 604 andexternal memory 603. In some cases,external memory 603 may be used to store and/or maintaindatabases 304 and/or 404 shown inFIGS. 3 and 4 . Further,processor 602 may include a driver for communicating signals toexternal memory 603 and another driver for communicating signals toperipherals 604.Power supply 601 provides supply voltages toprocessor 602 as well as one or more supply voltages tomemory 603 and/orperipherals 604. In some embodiments, more than one instance ofprocessor 602 may be included (and more than oneexternal memory 603 may be included as well). -
Peripherals 604 may include any desired circuitry, depending on the type of PLC system. For example, in an embodiment,peripherals 604 may implementlocal communication interface 303 and include devices for various types of wireless communication, such as Wi-Fi, ZigBee, Bluetooth, cellular, global positioning system, etc.Peripherals 604 may also include additional storage, including RAM storage, solid-state storage, or disk storage. In some cases,peripherals 604 may include user interface devices such as a display screen, including touch display screens or multi-touch display screens, keyboard or other input devices, microphones, speakers, etc. -
External memory 603 may include any type of memory. For example,external memory 603 may include SRAM, nonvolatile RAM (NVRAM, such as “flash” memory), and/or dynamic RAM (DRAM) such as synchronous DRAM (SDRAM), double data rate (DDR, DDR2, DDR3, etc) SDRAM, DRAM, etc,External memory 603 may include one or more memory modules to which the memory devices are mounted, such as single inline memory modules (SIMMs), dual inline memory modules (DIMMs), etc. -
FIG. 7 illustrates an example embodiment of aPLC network 700 for a local utility PLC communications system,Network 700 includes LV nodes 702 a-n and each of the nodes 702 a-n is connected toMV power line 720 through a corresponding transformer 710 a-n and LV line 706 a-n. Router, or modem, 714 is also connected toMV power line 720. Asub-network 728, orneighborhood 728, may be represented by the combination of nodes 702 a-n androuter 714.Master router 712 androuter 716 are also connected toMV line 720, which is powered bypower grid 722.Power grid 722 represents the high voltage power distribution system. -
Master router 712 may be the gateway totelecommunications backbone 724 and local utility, or control center, 726.Master router 712 may transmit data collected by the routers to thelocal utility 726 and may also broadcast commands fromlocal utility 726 to the rest of the network. The commands fromlocal utility 726 may require data collection at prescribed times, changes to communication protocols, and other software or communication updates. - During UL communications, the nodes 702 a-n in
neighborhood 728 may transmit usage and load information (“data”) through their respective transformer 710 a-n to theMV router 714. In turn,router 714 forwards this data tomaster router 712, which sends the data to theutility company 726 over thetelecommunications backbone 724. During DL communications (router 714 to nodes 702 a-n) requests for data uploading or commands to perform other tasks are transmitted. - When the MAC payload is encrypted first and segmented second, an unencrypted MHR is added to the encrypted payload. This can lead to potential security issues because a malicious node may capture the MHR and inject a malicious or “fake” segment. A receiver will not be able to detect that a malicious or fake segment was received until the receiver has reassembled and decrypted the encrypted payloads.
- For example,
FIG. 8 illustrates the encryption and segmentation of a MAC payload that a transmitter intends to send to a receiver.MAC Payload 801 is encrypted by the transmitter to createEncrypted MAC Payload 802, which is then segmented into three Encrypted MAC Payload segments 803. MHR 804 and CRC 805 are added to each segment 803 to create frames 806. The transmitter then sends the three frames 806 to the receiver. - However, as illustrated in
FIG. 9 , a malicious device could be listening to segments 806 and could potentially send amalicious segment 901 in place of original second segment 806-2. Thismalicious frame 901 is possible because MHR 806-2 is unencrypted. The malicious device can recreate the correct MHR 806-2 and insert malicious or “fake” data aspayload 902.CRC 903 is appended to the malicious frame, which is then sent to the receiver. The intended receiver will not be able to detectmalicious payload 902 and will continue with the reassembly procedure using payloads 803-1, 902, and 803-3. - After reassembly of the segments, the receiver starts the decryption process and only then will detect that the frame is corrupted. However, even when the receiver detects the corrupted frame, it will not know which segment(s) contained the errors. The problem is of serious concern to the system because the transmitter will not know that the event has occurred, but would instead consider that all segments were transmitted successfully.
- The cause of this security threat is the fact that the receiver is unable to detect a malicious segment without performing a decryption process. In order to avoid such scenarios, the systems and methods proposed herein introduce a segment identifier into every segment. The segment identifier field may be, for example, an asymmetric function of an authentication key and the CRC of the frame. The segment identifier may have a smaller size than the CRC or message integrity code (MIC). In one embodiment, the segment identifier size is two bytes.
- Given that the authentication key is known only to trusted nodes and the CRC is unique per frame, a malicious transmitter will not be able to recreate the same segment identifier. Even, if the malicious transmitter knows the algorithm used to create the segment identifier, it will not know the authentication key that is needed to create the segment identifier.
- To ensure the security of this feature, the algorithm used to generate the segment identifier should be asymmetric such that the authentication key cannot be obtained using just the CRC and the segment identifier.
- Upon receiving a segment, a receiver will compute a local segment value using the authentication key and the segment CRC. The receiver compares the local segment value to the segment identifier in each segment and will drop any segments with a segment identifier that does not. match the locally computed value.
- Because the CRC changes per frame, this variation helps to prevent replay attacks by a malicious transmitter. Also, although the segment identifier is sent unencrypted, a malicious transmitter will not be able to create malicious frames, because the CRC of the malicious payload cannot be made to match the CRC used to create the segment identifier and because it will not have the Key used to create the segment identifier.
-
FIG. 10 illustrates the use of a segment identifier according to one embodiment.Frame 1000 is generated by a transmitter and comprisesheader 1001,segment identifier 1002,encrypted payload 1003, andCRC 1004.Header 1001 includes, for example, routing information from the transmitter to an intended receiver. Encrypted payload is a segment of data being sent from the transmitter to the receiver that has been extracted from a larger data frame and encrypted,CRC 1004 is a message integrity check for theheader 1001 andpayload 1003. Using theCRC 1004 and an authentication key known to the transmitter and intended receiver, the transmitter generatessegment identifier 1002 using an algorithm also known to the transmitter and intended receiver. Theframe 1000 is then sent to the intended receiver. - In one embodiment, the mechanism used to create the segment identifier is the MD5 message-digest algorithm as defined in RFC 1321. The input to the MD5 algorithm is a 128-bit authentication key concatenated with a 16-bit CRC. The MD5 algorithm generates a 128 bit output. The first 16 bytes of the 128 bit MD5 output may be used as the segment identifier. It will be understood that any other algorithm may be used to generate a segment identifier using an authentication key and frame information (e.g., the CRC). All or part of the CRC (e.g., 16 bits or some other portion of the CRC) may be used to generate the segment identifier. Additionally, the segment identifier may have any appropriate length, such as 16 bits or another number of bits.
-
FIG. 11 is a flowchart illustrating a process for transmitting segmented, encrypted frames with security identifiers. Instep 1101, a data payload is divided into a plurality of separate segments by a transmitter. The number of segments may be selected based upon a maximum frame size or a maximum payload size, for example. Instep 1102, the payload segments are encrypted by the transmitter using an encryption algorithm known to the transmitter and an intended receiver. Instep 1103, frames are created for each of the encrypted payload segments. The frames include header and a MIC, such as a 16-bit CRC. - In
step 1104, a segment identifier is created for each segment using the MIC and an authentication key shared with the intended receiver. In one embodiment, a 128 bit authentication key is used along with the CRC to generate the segment identifier using the MD5 algorithm. Instep 1105, the segment identifier is added to each segment frame. The frames are then transmitted to the intended receiver instep 1106. - In
step 1107, the receiver extracts the MIC (e.g., CRC) from the received segment frame and uses it along with the authentication key to generate a local segment identifier value. Instep 1108, the local segment identifier value is compared to the unencrypted segment identifier of the received frame. Instep 1109, the receiver determines whether the segment identifiers match. If the segment identifier value calculated by the receiver instep 107 matches the segment identifier extracted from the received frame, then the encrypted payload of the received frame is reassembled with other encrypted payload segments and then decrypted instep 1110. Otherwise, if the segment identifiers do not match, then the received frame is rejected instep 1111. - Many modifications and other embodiments of the invention(s) will come to mind to one skilled in the art to which the invention(s) pertain having the benefit of the teachings presented in the foregoing descriptions, and the associated drawings. Therefore, it is to be understood that the invention(s) are not to be limited to the specific embodiments disclosed Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.
Claims (10)
1. A method for verifying frames in a power line communication (PLC) network, comprising:
receiving a frame at a PLC network hardware node, the frame comprising a frame segment identifier, an encrypted payload segment, and a message integrity code;
creating a local segment identifier for each frame using the message integrity code and an authentication key shared with an originating PLC hardware node;
extracting the encrypted payload segment for further processing, if the local segment identifier matches the frame segment identifier; and
rejecting the frame, if the local segment identifier does not matches the frame segment identifier.
2. The method of claim 1 , further comprising:
combining the encrypted payload segment with one or more other encrypted payload segments to create a received payload; and
decrypting the received payload to create a decrypted payload.
3. The method of claim 1 , further comprising creating the local segment identifier using an MD5 algorithm.
4. The method of claim 3 , the method further comprising:
concatenating the authentication key and the message integrity code to create an input value;
generating a MD5 algorithm output value from the input value; and
creating the local segment identifier from output value.
5. The method of claim 4 , wherein the authentication key is a 128-bit key, the message integrity code is a 16-bit cyclic redundancy check (CRC) value, and the first 16-bits of the output value are used to create the local segment identifier.
6. A device for processing frames received from nodes in a power line communication (PLC) network, comprising:
a receiver configured to:
receive a frame comprising a frame segment identifier, an encrypted payload segment, and a message integrity code; and
a processor configure to:
create a local segment identifier for each frame using the message integrity code and an authentication key shared with an originating PLC node;
extract the encrypted payload segment for further processing, if the local segment identifier matches the frame segment identifier; and
reject the frame, if the local segment identifier does not matches the frame segment identifier.
7. The device of claim 6 , the processor further configured to:
combine the encrypted payload segment with one or more other encrypted payload segments to create a received payload; and
decrypt the received payload to create a decrypted payload.
8. The method of claim 6 , the processor further configured to create the local segment identifier using an MD5 algorithm.
9. The method of claim 8 , the processor further configured to:
combine the authentication key and the message integrity code to create an input value;
generate a MD5 algorithm output value from the input value; and
create the local segment identifier from output value.
10. The method of claim 9 , wherein the authentication key is a 128-bit key, the message integrity code is a 16-bit cyclic redundancy check (CRC) value, and the first 16 bits of the output value are used to create the local segment identifier.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/216,291 US9742785B2 (en) | 2013-10-04 | 2016-07-21 | Power line communication (PLC) network nodes using cipher then segment security |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/045,960 US9143327B2 (en) | 2013-10-04 | 2013-10-04 | Power line communication (PLC) network nodes using cipher then segment security |
US14/826,342 US9425955B2 (en) | 2013-10-04 | 2015-08-14 | Power line communication (PLC) network nodes using cipher then segment security |
US15/216,291 US9742785B2 (en) | 2013-10-04 | 2016-07-21 | Power line communication (PLC) network nodes using cipher then segment security |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/826,342 Division US9425955B2 (en) | 2013-10-04 | 2015-08-14 | Power line communication (PLC) network nodes using cipher then segment security |
Publications (2)
Publication Number | Publication Date |
---|---|
US20160330213A1 true US20160330213A1 (en) | 2016-11-10 |
US9742785B2 US9742785B2 (en) | 2017-08-22 |
Family
ID=52776962
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/045,960 Active 2033-11-16 US9143327B2 (en) | 2013-10-04 | 2013-10-04 | Power line communication (PLC) network nodes using cipher then segment security |
US14/826,342 Active US9425955B2 (en) | 2013-10-04 | 2015-08-14 | Power line communication (PLC) network nodes using cipher then segment security |
US15/216,291 Active US9742785B2 (en) | 2013-10-04 | 2016-07-21 | Power line communication (PLC) network nodes using cipher then segment security |
Family Applications Before (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/045,960 Active 2033-11-16 US9143327B2 (en) | 2013-10-04 | 2013-10-04 | Power line communication (PLC) network nodes using cipher then segment security |
US14/826,342 Active US9425955B2 (en) | 2013-10-04 | 2015-08-14 | Power line communication (PLC) network nodes using cipher then segment security |
Country Status (2)
Country | Link |
---|---|
US (3) | US9143327B2 (en) |
CN (2) | CN104518864B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190007904A1 (en) * | 2017-06-30 | 2019-01-03 | Qualcomm Incorporated | Wake-up radio frame formats and device communications |
US10778482B2 (en) | 2019-02-12 | 2020-09-15 | Texas Instruments Incorporated | Bit slicer circuit for S-FSK receiver, integrated circuit, and method associated therewith |
US10797921B2 (en) | 2019-02-12 | 2020-10-06 | Texas Instruments Incorporated | Threshold computation circuit for S-FSK receiver, integrated circuit, and method associated therewith |
US11190022B2 (en) | 2019-01-09 | 2021-11-30 | Texas Instruments Incorporated | Controller circuit for photovoltaic sub-module |
US11342787B2 (en) | 2019-03-20 | 2022-05-24 | Texas Instruments Incorporated | Controller circuit for photovoltaic module |
US11350186B2 (en) | 2019-03-20 | 2022-05-31 | Texas Instruments Incorporated | Monitoring circuit for photovoltaic module |
US11540119B2 (en) * | 2020-02-06 | 2022-12-27 | Wiliot, LTD. | System and method for providing secure and reliable communication over a low-energy wireless communication protocol |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9143327B2 (en) * | 2013-10-04 | 2015-09-22 | Texas Instruments Incorporated | Power line communication (PLC) network nodes using cipher then segment security |
EP3085043B1 (en) * | 2013-12-20 | 2019-10-09 | Telefonaktiebolaget LM Ericsson (publ) | Energy saving in wireless devices |
CN108965309B (en) * | 2018-07-27 | 2021-02-12 | 腾讯科技(深圳)有限公司 | Data transmission processing method, device, system and equipment |
CN109743353B (en) * | 2018-12-04 | 2021-06-25 | 北京讯众通信技术股份有限公司 | Data conversion method based on Internet of things |
CN110365368A (en) * | 2019-08-29 | 2019-10-22 | 广东工业大学 | A kind of power line carrier communication control method and system |
CN115225296B (en) * | 2021-04-16 | 2024-04-12 | 华为技术有限公司 | Encrypted data transmission method and related equipment |
CN116743504B (en) * | 2023-08-14 | 2023-10-17 | 佳瑛科技有限公司 | Safe transmission method and system for digital data in network cable |
Family Cites Families (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2002508643A (en) * | 1997-12-15 | 2002-03-19 | イナリ、インコーポレイテッド | Power line exchange protocol method and equipment |
JP3990565B2 (en) * | 2000-12-25 | 2007-10-17 | 松下電器産業株式会社 | Security communication packet processing apparatus and method |
US7027577B2 (en) | 2002-08-26 | 2006-04-11 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and system for multi-party call conferencing |
US20040111610A1 (en) * | 2002-12-05 | 2004-06-10 | Canon Kabushiki Kaisha | Secure file format |
US20040193891A1 (en) * | 2003-03-31 | 2004-09-30 | Juha Ollila | Integrity check value for WLAN pseudonym |
KR100574960B1 (en) * | 2003-11-25 | 2006-05-02 | 삼성전자주식회사 | The dividing method for payload intra-frame |
US7353388B1 (en) * | 2004-02-09 | 2008-04-01 | Avaya Technology Corp. | Key server for securing IP telephony registration, control, and maintenance |
US7992193B2 (en) * | 2005-03-17 | 2011-08-02 | Cisco Technology, Inc. | Method and apparatus to secure AAA protocol messages |
CN101026617B (en) | 2006-02-18 | 2010-09-15 | 华为技术有限公司 | Media resource scheduling method for IMS network |
KR100915805B1 (en) * | 2006-06-20 | 2009-09-07 | 삼성전자주식회사 | Apparatus and method for communicating mac layer data in broadband wireless communication system |
KR100785810B1 (en) * | 2006-12-05 | 2007-12-13 | 한국전자통신연구원 | Apparatus and method for rfid data protection |
CN101426196A (en) * | 2007-11-02 | 2009-05-06 | 华为技术有限公司 | Paging message data distributing method, base station and mobile station |
RU2528078C2 (en) * | 2008-09-19 | 2014-09-10 | Конинклейке Филипс Электроникс Н.В. | Method for secure communication in network, communication device, network and computer programme therefor |
JP2010192944A (en) * | 2009-02-13 | 2010-09-02 | Sony Corp | Content distribution apparatus, content use apparatus, content distribution system, content distribution method and program |
US7787480B1 (en) * | 2009-03-04 | 2010-08-31 | Juniper Networks, Inc. | Routing frames in a trill network using service VLAN identifiers |
EP2244435B1 (en) | 2009-04-20 | 2015-07-22 | Accenture Global Services Limited | IMS application server, network, method, and computer program product for executing services, particularly IP contact center services |
JP2011249933A (en) * | 2010-05-24 | 2011-12-08 | Smk Corp | Radio communication module, remote control device and radio system |
CN101894030A (en) * | 2010-06-29 | 2010-11-24 | 福建新大陆通信科技股份有限公司 | Television set top box USB interface-based data anti-theft updating method |
CN102201924A (en) * | 2011-07-07 | 2011-09-28 | 无锡智感星际科技有限公司 | Method for distributing file based on RDS unidirectional broadcast channel |
US9338172B2 (en) * | 2013-03-13 | 2016-05-10 | Futurewei Technologies, Inc. | Enhanced IPsec anti-replay/anti-DDOS performance |
US9143327B2 (en) * | 2013-10-04 | 2015-09-22 | Texas Instruments Incorporated | Power line communication (PLC) network nodes using cipher then segment security |
-
2013
- 2013-10-04 US US14/045,960 patent/US9143327B2/en active Active
-
2014
- 2014-09-30 CN CN201410520593.4A patent/CN104518864B/en active Active
- 2014-09-30 CN CN201910191548.1A patent/CN109905246B/en active Active
-
2015
- 2015-08-14 US US14/826,342 patent/US9425955B2/en active Active
-
2016
- 2016-07-21 US US15/216,291 patent/US9742785B2/en active Active
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190007904A1 (en) * | 2017-06-30 | 2019-01-03 | Qualcomm Incorporated | Wake-up radio frame formats and device communications |
US11190022B2 (en) | 2019-01-09 | 2021-11-30 | Texas Instruments Incorporated | Controller circuit for photovoltaic sub-module |
US10778482B2 (en) | 2019-02-12 | 2020-09-15 | Texas Instruments Incorporated | Bit slicer circuit for S-FSK receiver, integrated circuit, and method associated therewith |
US10797921B2 (en) | 2019-02-12 | 2020-10-06 | Texas Instruments Incorporated | Threshold computation circuit for S-FSK receiver, integrated circuit, and method associated therewith |
US11196596B2 (en) | 2019-02-12 | 2021-12-07 | Texas Instruments Incorporated | Bit slicer circuit for S-FSK receiver, integrated circuit, and method associated therewith |
US11265191B2 (en) | 2019-02-12 | 2022-03-01 | Texas Instruments Incorporated | Bit slicer circuit for S-FSK receiver, integrated circuit, and method associated therewith |
US11342787B2 (en) | 2019-03-20 | 2022-05-24 | Texas Instruments Incorporated | Controller circuit for photovoltaic module |
US11350186B2 (en) | 2019-03-20 | 2022-05-31 | Texas Instruments Incorporated | Monitoring circuit for photovoltaic module |
US11689027B2 (en) | 2019-03-20 | 2023-06-27 | Texas Instruments Incorporated | Controller circuit for photovoltaic module |
US11877106B2 (en) | 2019-03-20 | 2024-01-16 | Texas Instruments Incorporated | Monitoring circuit for photovoltaic module |
US11540119B2 (en) * | 2020-02-06 | 2022-12-27 | Wiliot, LTD. | System and method for providing secure and reliable communication over a low-energy wireless communication protocol |
Also Published As
Publication number | Publication date |
---|---|
US9143327B2 (en) | 2015-09-22 |
US20150098569A1 (en) | 2015-04-09 |
CN109905246B (en) | 2022-05-03 |
US9425955B2 (en) | 2016-08-23 |
CN104518864A (en) | 2015-04-15 |
US9742785B2 (en) | 2017-08-22 |
CN104518864B (en) | 2019-04-19 |
US20150381355A1 (en) | 2015-12-31 |
CN109905246A (en) | 2019-06-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9742785B2 (en) | Power line communication (PLC) network nodes using cipher then segment security | |
US8958356B2 (en) | Routing protocols for power line communications (PLC) | |
US11831358B2 (en) | Coexistence primitives in power line communication networks | |
Carcelle | Power line communications in practice | |
Oksman et al. | G. HNEM: the new ITU-T standard on narrowband PLC technology | |
US6885674B2 (en) | Communications system for providing broadband communications using a medium voltage cable of a power system | |
JP6436493B2 (en) | Method, apparatus and computer program for transmitting and / or receiving signals via a power grid | |
US9203757B2 (en) | Network throughput using multiple reed-solomon blocks | |
WO2008151261A2 (en) | Managing communications over a shared medium | |
US20130343403A1 (en) | Retransmission Mechanism for Segmented Frames in Power Line Communication (PLC) Networks | |
CN103747499A (en) | Methods and apparatus for a common control protocol for wired and wireless nodes | |
US20220209996A1 (en) | Interface Extension Method, Apparatus, and System | |
CN110858822B (en) | Media access control security protocol message transmission method and related device | |
US20130266081A1 (en) | Support for Multiple Systems Using Different Modulation Schemes in PLC Networks | |
Cam-Winget et al. | Applicability statement for the routing protocol for low-power and lossy networks (RPL) in advanced metering infrastructure (AMI) networks | |
US9503158B2 (en) | Adaptive sub-band algorithm for point-to-point communication in PLC networks | |
CN106533503B (en) | A kind of method and device of powerline network communication | |
US20230155629A1 (en) | Apparatus and methods for mesh communication networks with broadcast messages | |
US20230069704A1 (en) | Method for detecting neighbouring nodes able to communicate by powerline and by a radio channel | |
Hui et al. | RFC 8036: Applicability Statement for the Routing Protocol for Low-Power and Lossy Networks (RPL) in Advanced Metering Infrastructure (AMI) Networks | |
Budka et al. | Elements of Communication Networking for Power System Practitioners |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |